Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 19 Jan 2010 02:22:03 +0200
From:      Ed Jobs <oloringr@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: /etc/hosts.deniedssh
Message-ID:  <201001190222.03539.oloringr@gmail.com>
In-Reply-To: <201001182239.20153.david@vizion2000.net>
References:  <201001182239.20153.david@vizion2000.net>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
--nextPart32409047.g47VQd2U8o
Content-Type: Text/Plain;
  charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

On Tuesday 19 January 2010 00:39, David Southwell wrote:
> Examples from hosts.deniedssh
> I seem to be on the receiving end of a concerted series of unsuccessful
>  break in attacks on one of our systems. One small part of the attack=20
has=20
>  resulted in over 2000 entries in our hosts.deniedssh file in less than 1
>  hour.
>=20
> I would be interested in any comments on the small example shown=20
below and
>  any advice.
>=20
> Thanks in advance
>=20
> David
<snip>

2k entries are too much indeed. are you running ssh on port 22?
if yes, (and your users are ok with it) you can change it to another port.
or maybe, temporary disable ssh login and use cron to enable it again in=20
some time in the future.

=2D-=20
Save the whales.  Club a seal instead.

--nextPart32409047.g47VQd2U8o
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAktU+ysACgkQBPpdVEWKA32fugCgzG7T/eZBiNb1MvWOm5jqhvEC
y20AoPRAeELJ6s4fmSQihZgrer94YiOf
=ISqn
-----END PGP SIGNATURE-----

--nextPart32409047.g47VQd2U8o--



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?201001190222.03539.oloringr>